Oct 12 2022 11:29 PM
Is it possible to prevent the download, copy and paste of data on Windows 10 Unmanaged devices that have the Office 365 Windows Apps installed? I have been able to get this working with the web-based apps but would also like to apply this to the full windows apps. I have tried creating a access policy in the Defender for Cloud Apps under conditional access but it's not currently working. Any advice greatly appreciated.
Oct 13 2022 01:26 PM - edited Oct 13 2022 01:41 PM
@ChrisGrout this should be possible using Defender for Cloud Apps and Purview. If you assign a site or group label you can used "app enforced restrictions" which is part of SPO. Set the label policy for sites and groups to allow web-only access, this will prevent the file from being opened in native clients or sync'd.
Use app-enforced restrictions - SharePoint in Microsoft 365 | Microsoft Learn
Then in combination use a session policy to block copy/paste.
Copy / print can be blocked on the endpoint itself using labels and groups, but the file itself would need to have the labeled applied.
Jul 14 2023 04:17 PM
Jul 14 2023 04:23 PM
@shockotechcom which particular scenario there are a few different ones described above?
Feb 14 2024 11:07 AM